Opencart supports the ability for people to choose their Customer Group when they create their account. However, it doesn't appear there's any way for a user to then change that setting once the account is created.
I've searched everywhere I can think of and haven't found any instructions on how to do this. Anyone know how I might be able to add that in?
Thanks!
Something like this isn't something you can change a couple of lines with and it be enabled. You'll need to add it to a view, create the controller methods including validation and create a method in a model to update the group via SQL.
Related
Is there a way to restrict access to a page so that only people who are logged in and in a certain group can see the page? I really need help with this. It's for a big client and I don't want to turn it down!
Here's how it would work:
Customer is given a link via email that I will manually send out.
That link is to a page in the store. In order to see it they must log in with their account. And if they are apart of the right group, then Bingo, they can see the page!
I will have 3 groups total and multiple pages. Each page will be branded for the user which is easy. I just need to be able to send out a link to a page and only people in "GROUP A" who are logged in, can see it.
If you want to restrict access to default pages in OpenCart, you have to create a pretty simple VQMod. It should add a checkup in an common controller file (header.php is the best).
First of all, there's a standard isLogged() function in system/library/customer.php, commonly used like this:
$this->customer->isLogged();
You can also easily get customer info - id, group ID etc., using standard functions:
$this->customer->getId();
$this->customer->getCustomerGroupId();
Add these checks to index() function in catalog/common/controller/header.php and redirect on fail/success:
$this->redirect($this->url->link('information/yourpage'));
Of course, to implement all this you should know, how to use VQMod.
I'm almost 6 years late, but in case someone else needs this, there's a module here: https://www.opencart.com/index.php?route=marketplace/extension/info&extension_id=27897
I'd like to add the capability for users to create their own groups and invite others to join the group (or leave the group) or for users to request access to a group to a django app.
The group in this case is basically a pool of potential players for a football match, from which the actual players will be chosen.
Is the standard django auth groups system the correct thing to use here or is there another way? I'd need it to be able to do invitations and stuff, obviously.
I can obviously write my own but is there another app out there that already does this kind of thing nicely?
If not, has anyone got any tips on how to go about this?
Creating your own model will give you more control to add extra information to those groups, such as the invitation system you described. The auth groups models was designed for classifying users by what level of control they have over the data on the website, which isn't what you want a groups model for. A new model will be much easier for you work with than trying to extend the existing groups model; which has built in functionality that you won't use, and probably has security features that will make it difficult to work with.
Django has an authentication and authorization scheme baked in ('django.contrib.auth') as well as modelforms to generate forms for easy input of data into the database.
I'd like to be able to record who created a record, leveraging django.contrib.auth, with the explicit purpose of limiting editing of that same record to just that user and/or people with an "edit" permission. I know that I could use the #user_passes_test decorator to restrict access to editing my record in some fashion, but I don't know what I would compare the request.user.name to in order to determine if the current user originally created that record.
How much of this do I need to roll on my own? Do I need to capture the name author, save it to the model, and then read it - or is there something already in the framework that would do this for me?
And, if I was to attempt to save the author in a field, how would I go about doing that in such a way as to not let the user edit their own credentials?
There are a couple of apps to do something similar, please check https://www.djangopackages.com/grids/g/model-audit/
About the last questions, to prevent the user not to edit its own credentials, you can mark the field with editable=False so it wont appear in the admin or ModelForms.
I have an application written in Oracle Apex 4.2
Different users have access to different pages. Apex's built in Access Control function ( ADMIN, EDIT, VIEW) takes care of what pages different users can see.
A separate requirement though is that some users can see certain pages and not edit them and other users can edit those pages.
I know that at the item level there is a Read Only option. I can hard code a user name ie
:APP_USER like 'Betty Boop%'
How can I set an item to be read only based on the Access Control group that a user belongs to (ADMIN,EDIT,VIEW)
I know that there is a utility: APEX_UTIL.CURRENT_USER_IN_GROUP
but if I do something like READ ONLY PL/SQL Expression
APEX_UTIL.CURRENT_USER_IN_GROUP('VIEW')
It doesn't do anything.
It seems that APEX_UTIL.CURRENT_USER_IN_GROUP doesn't know that the groups created by Apex Access control are groups - I need to code something? Create a function? Create a group table?
I'm not understanding how to do this
thanks
To use APEX_UTIL.CURRENT_USER_IN_GROUP you need to create user group(s) as an workspace administrator first: Administration->Manage Users and Groups->Groups->Create User Group.
Then you need to assign the group(s) to your application users: Groups->User Group Assigments. You should read documentation for more details.
And, after that you will be able to check an assignment of particular group to current application user with the APEX_UTIL.CURRENT_USER_IN_GROUP function.
I want to be able to efficiently find all user with a particular permission and then among those users find all users who have a particular flag (I extended the base User model and created my own, which has the flag). I was wondering what is the easiest/efficient way to do this? I was reading the below (among other sites):
How can I get all objects a user has specific permissions to in django guardian?
But they dont seem to be helping in my situation. Please let me know if there is an article I missed, thanks!
[EDIT]
I read the following page:
http://digitaldreamer.net/blog/2010/5/10/get-all-users-group-django/
Basically I want to get all users who have a particular permission AND who have a certain flag. Right now I can do: User.objects.filter(organization_id = id) to get all users within a particular organization as per my code. But within that list, I want all users who have a particular permission.
I asked a question related to django-guardian and answered it myself after much research. I believe you should be able to find your answer here: Django Groups and Permissions. Extending Groups to have a FK?
UPDATE
You could do something like this:
user_list = []
for user in User.Objects.filter(organization_id=id):
if user.has_perm('PERM NAME'):
user_list.append(user)
See this link for more details: http://packages.python.org/django-guardian/userguide/check.html
You could do it as mentioned above. But by chaining filter statements, it is also possible. I referred to this other question: How to get a list of all users with a specific permission group in Django. By chaining both filter statements, I can get all users with a permission and all users with the certain organization_id.